From 32169003f636bc3ef3f133c6fcda80067ee015ee Mon Sep 17 00:00:00 2001 From: David John Arnold Jr Date: Tue, 17 Dec 2024 16:01:52 -0800 Subject: [PATCH] Update .github/workflows/terraform-apply-dev.yml --- .github/workflows/terraform-apply-dev.yml | 50 ++++++++++------------- 1 file changed, 22 insertions(+), 28 deletions(-) diff --git a/.github/workflows/terraform-apply-dev.yml b/.github/workflows/terraform-apply-dev.yml index e5b57c1..19537af 100644 --- a/.github/workflows/terraform-apply-dev.yml +++ b/.github/workflows/terraform-apply-dev.yml @@ -13,28 +13,16 @@ concurrency: permissions: write-all jobs: - Auth: - runs-on: ["self-hosted", "229685449397"] - - outputs: - aws_access_key_id: ${{ steps.aws_auth.outputs.aws_access_key_id }} - aws_secret_access_key: ${{ steps.aws_auth.outputs.aws_secret_access_key }} - aws_session_token: ${{ steps.aws_auth.outputs.aws_session_token }} - - steps: - - name: AWS Auth - id: aws_auth - uses: CSVD/aws-auth@main - with: - ecs: true - Plan: - runs-on: ["self-hosted", "iebcloud"] - needs: Auth + runs-on: ["229685449397"] + outputs: commit_sha: ${{ steps.git_show.outputs.commit_sha }} cache_key: ${{ steps.terraform_init.outputs.s3_upload_path }} github_token: ${{ steps.github_credentials.outputs.github_token }} + aws_access_key_id: ${{ steps.aws_auth.outputs.aws_access_key_id }} + aws_secret_access_key: ${{ steps.aws_auth.outputs.aws_secret_access_key }} + aws_session_token: ${{ steps.aws_auth.outputs.aws_session_token }} pending_changes: ${{ steps.terraform_plan.outputs.pending_changes }} steps: @@ -49,6 +37,12 @@ jobs: echo "commit_sha=$(git show | grep commit | head -1 | awk '{ print $NF }')" >> $GITHUB_ENV echo "commit_sha=$(git show | grep commit | head -1 | awk '{ print $NF }')" >> $GITHUB_OUTPUT + - name: AWS Auth + id: aws_auth + uses: CSVD/aws-auth@main + with: + ecs: true + - name: Setup GITHUB Credentials id: github_credentials uses: CSVD/gh-auth@main @@ -71,9 +65,9 @@ jobs: cache_bucket: image-pipeline-assets env: GITHUB_TOKEN: ${{ steps.github_credentials.outputs.github_token }} - AWS_ACCESS_KEY_ID: ${{ needs.Auth.outputs.aws_access_key_id }} - AWS_SECRET_ACCESS_KEY: ${{ needs.Auth.outputs.aws_secret_access_key }} - AWS_SESSION_TOKEN: ${{ needs.Auth.outputs.aws_session_token }} + AWS_ACCESS_KEY_ID: ${{ steps.aws_auth.outputs.aws_access_key_id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws_auth.outputs.aws_secret_access_key }} + AWS_SESSION_TOKEN: ${{ steps.aws_auth.outputs.aws_session_token }} - name: Terraform Plan id: terraform_plan @@ -88,9 +82,9 @@ jobs: cache_bucket: image-pipeline-assets cache_key: ${{ steps.terraform_init.outputs.s3_upload_path }} env: - AWS_ACCESS_KEY_ID: ${{ needs.Auth.outputs.aws_access_key_id }} - AWS_SECRET_ACCESS_KEY: ${{ needs.Auth.outputs.aws_secret_access_key }} - AWS_SESSION_TOKEN: ${{ needs.Auth.outputs.aws_session_token }} + AWS_ACCESS_KEY_ID: ${{ steps.aws_auth.outputs.aws_access_key_id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws_auth.outputs.aws_secret_access_key }} + AWS_SESSION_TOKEN: ${{ steps.aws_auth.outputs.aws_session_token }} GITHUB_TOKEN: ${{ steps.github_credentials.outputs.github_token }} GITHUB_OWNER: ${{ github.repository_owner }} GITHUB_BASE_URL: "${{ github.server_url }}/" @@ -111,8 +105,8 @@ jobs: Apply: # The type of runner that the job will run on - runs-on: ["Default"] - needs: [Plan, Auth] + runs-on: ["229685449397"] + needs: Plan environment: dev steps: - name: AWS Auth @@ -141,9 +135,9 @@ jobs: cache_bucket: image-pipeline-assets cache_key: ${{ needs.Plan.outputs.cache_key }} env: - AWS_ACCESS_KEY_ID: ${{ needs.Auth.outputs.aws_access_key_id }} - AWS_SECRET_ACCESS_KEY: ${{ needs.Auth.outputs.aws_secret_access_key }} - AWS_SESSION_TOKEN: ${{ needs.Auth.outputs.aws_session_token }} + AWS_ACCESS_KEY_ID: ${{ steps.aws_auth.outputs.aws_access_key_id }} + AWS_SECRET_ACCESS_KEY: ${{ steps.aws_auth.outputs.aws_secret_access_key }} + AWS_SESSION_TOKEN: ${{ steps.aws_auth.outputs.aws_session_token }} GITHUB_TOKEN: ${{ steps.github_credentials.outputs.github_token }} GITHUB_OWNER: ${{ github.repository_owner }} GITHUB_BASE_URL: "${{ github.server_url }}/"